of e/motion management gmbh
(hereinafter referred to as "We" or the "Operator")
1.1 The protection of individuals with regard to the processing of personal data is a fundamental right which we take very seriously. Any data processing shall be carried out in accordance with the EU General Data Protection Regulation (hereinafter "GDPR") and the relevant laws of the Republic of Austria.
1.2 In this document, we explain our procedures regarding the collection, use and disclosure of personal data of natural persons (hereinafter "data subjects") that we collect and process in the course of our service provision and business operations.
1.3 This notice applies both to the data collected from the customer in the course of using our offer (hereinafter referred to as "customer data") and to the data processed in connection with our website (hereinafter referred to as "web visitor data").
1.5 We store personal data only on secure servers located in secure facilities in the European Union or the European Economic Area. The data we collect may be transferred to and stored or processed by employees working for us for the purposes of providing the Services.
2. purposes, data categories and legal basis for data processing of customer data
2.1 We process personal user data from the data categories listed in section 2.2 for the following general purposes:
a. To contact the contractual partner,
b. to fulfill pre-contractual and contractual obligations,
c. to provide the services offered,
d. to answer questions and comments,
e. for the purposes of e-mail marketing and market research, provided that the data subject has expressly consented to such processing separately,
f. in order to be able to inform the contractual partner about news at regular intervals.
2.2 About customers who use our offer, we may process customer data of the following data categories:
a. First and last name,
b. E-mail address,
c. Telephone number,
d. Date of birth,
e. Country of origin,
g. Association membership
2.3 The legal basis for the processing of personal data of the data categories mentioned in point 2.2 is our overriding legitimate interest pursuant to Art 6 para 1 lit f DSGVO, which is to achieve the purposes mentioned in point 2.1. In particular, the processing of customer data is necessary to enable us to offer our range of products and services and to enable us to contact customers.
2.4 If there is a contract between the customer and us and the processing of the customer's data is absolutely necessary for the fulfillment of the contract, the lawfulness of the data processing also results from this necessity (Art 6 para 1 lit b DSGVO).
2.5 Furthermore, the processing of the data may be necessary on the basis of the necessity of the fulfillment of legal obligations (Art 6 para 1 lit c DSGVO) and thus be lawful.
3. purposes, data categories and legal bases for the data processing of web visitor data.
3.1 We process personal web visitor data from the data categories listed in section 3.2 for the following general purposes:
a. To provide you with this website and to further improve and develop this website,
b. to detect, prevent and investigate attacks on our website,
c. to respond to your requests; and
e. to be able to compile usage statistics.
3.2 About data subjects visiting our website, we may process the following web visitor data of the following categories of data:
a. The IP address of the visitor and, in connection with this, the date and time of the call of a page on our website, brand name and version of their web browser as well as the selected language setting, your operating system, your Internet service provider, the website (URL) from which you were referred to our website,
b. the information that you yourself have entered voluntarily in our contact form (i.e. name, email address and the message), and
3.3 The processing of web visitor data of the data categories mentioned in point 3.2 is technically necessary to achieve the purposes mentioned in point 3.1 lit. a - d and to enable us to offer our website. With regard to the purposes stated in point 3.1 lit. a - c, the legal basis for the processing of personal data is based on our overriding legitimate interest pursuant to Art 6 (1) lit. f DSGVO, which is to achieve the purposes stated in points a - d and to be able to offer our website.
3.4 If there is a contract between the user and us and the processing of the user's data is absolutely necessary for the fulfillment of the contract, the lawfulness of the data processing also results from this necessity (Art 6 para 1 lit b DSGVO).
3.5 Furthermore, the processing of the data may be necessary on the basis of the need to fulfill legal obligations (Art 6 para 1 lit c DSGVO) and thus be lawful.
3.6 We use "cookies" to improve the operation of our website. Cookies are small text files that can be stored on your computer when you visit a website. Basically, cookies are used to provide users with additional features on a website. Cookies cannot access, read or modify other data on your computer.
3.7 We use both cookies that are deleted again when you close your browser (session cookies) and cookies that remain stored on your terminal device after you close your browser (permanent cookies). The cookies we use may originate from us (first party cookies) as well as from third parties (third party cookies). In this context, it should be noted that this website uses Google Analytics (which is a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google")) in order to be able to fulfill the purpose of "user statistics" as stated in point 3.1 lit. e.
3.8 Some cookies are technically mandatory for the function of our website. The use of these cookies is lawful pursuant to Art. 6 para. 1 lit. f DSGVO, as we have a legitimate interest in being able to offer a functional website.
3.11. In order to revoke consent or restrict it to certain cookies, the following options exist in particular:
a. Using the link located in the footer of our website, our "Cookie Manager" can be accessed. In our cookie manager, the cookie settings of our website can be changed at any time.
b. Cookie settings can also be changed in the browser of the person concerned. Details can be found in the help function of the browser (mostly accessible via the F1 key on your keyboard).
3.12. The revocation of your consent does not affect the lawfulness of the processing that took place before your revocation based on your consent.
4. place of data processing and transmission of personal data
4.1 In order to achieve the aforementioned purposes, it is necessary to forward data to external service providers. In the course of carrying out the aforementioned data applications, the data will in any case be forwarded to recipients in the following categories:
a. our IT service providers (see in detail point 4.7),
b. Banks, insofar as this is necessary for the execution of cashless payment transactions,
c. Processing partners for communication
4.2 In specific individual cases, it may also be necessary to forward data to the following recipients in the following categories:
a. Cooperation partner
b. Auditors and tax consultants,
c. Lawyers and
d. public authorities (e.g. courts, police, administrative authorities).
4.3 Data transfer may also occur if our company or parts of our company are taken over by a third party or if our company or parts of our company are merged with another company. Before personal data is transferred and becomes subject to other data protection policies, we will inform the data subjects in a timely manner.
4.4 Data processing activities may also be carried out, at least in part, outside the EU or the EEA. Such commissioning of an external IT service provider is mandatory only in accordance with the legal instruments of Chapter V GDPR. The adequate level of data protection results in the respective case from one or more of the following points:
a. an adequacy decision of the European Commission pursuant to Art 45 GDPR;
b. an exception for the specific case according to Art 49 (1) GDPR;
c. binding internal data protection regulations pursuant to Art 47 in conjunction with Art 4 (2) lit b DSGVO;
d. Standard data protection clauses pursuant to Art 46 (2) (c) and (d) of the GDPR;
e. approved codes of conduct pursuant to Art 46 (2) (e) in conjunction with Art 40 GDPR;
f. an approved certification mechanism pursuant to Art 46 (2) (f) in conjunction with Art 42 GDPR;
g. contractual clauses approved by the data protection authority pursuant to Art 46 para 3 lit a DSGVO.
4.5 We currently use the following external IT service providers:
- Google LLC, Google Data Protection Office, 1600 Amphitheatre Pkwy, Mountain View, California 94043. Google LLC is based in the USA. The transfer of data by us to Google LLC takes place on the basis of standard data protection clauses pursuant to Art 46 (2) lit c and d DSGVO and on the basis of contractual clauses approved by the respective competent data protection authority pursuant to Art 46 (3) lit a DSGVO, which ensures an adequate level of data protection and permits the flow of data to this company.
- Goodform Ltd, 1 George Street, Wolverhampton, WV2 4DG, United Kingdom. Goodform Ltd is based in the United Kingdom. The transfer of data by us to Goodform Ltd is based on an adequacy decision by the Commission under Art 45 GDPR.
- WIZZIT OG, Linke Wienzeile 12/20 1060 Vienna, Austria.
5 Duration of storage
5.1 As a matter of principle, we only process personal data for as long as is necessary to achieve the above-mentioned purposes.
5.2 Longer storage will only take place insofar as the storage or processing of the data continues to be necessary:
a. to comply with a legal obligation (e.g. the retention obligation under tax law applicable in Austria pursuant to Section 132 (1) BAO and the retention obligation under company law pursuant to Sections 190, 212 UGB: 7 years), which requires processing under the law of the Union or the Member States to which we are subject, or to perform a task which is in the public interest or in the exercise of official authority vested in us, or
b. for the assertion, exercise or defense of legal claims for at least 3 years.
6. rights and obligations of the data subject
6.1 Insofar as our processing of data is based exclusively on the consent of the data subject, the data subject is entitled to revoke his or her consent at any time. In addition, according to applicable data protection law, the data subject has the right to
a. to check whether and which personal data we have stored about you and to receive copies of this data
b. to request the correction, completion or deletion of your personal data that is incorrect or not processed in accordance with the law,
c. to require us to restrict the processing of your data,
d. in certain circumstances, to object to the processing of your personal data or to withdraw the consent previously given for the processing operations,
e. To request data portability,
f. know the identity of third parties to whom your personal data is transferred; and
g. lodge a complaint with the data protection authority responsible for us, which is the Austrian Data Protection Authority Barichgasse 40-42, 1030 Vienna or with a data protection supervisory authority in another EU member state, in particular at the place of residence or place of work of the data subject.
6.2 We would like to point out that the provision of the data is mandatory for contractual reasons (and not by law) in order to be able to enter into a contractual relationship with us and to be able to use our services. If the disclosure of the data is refused, it may be factually impossible for us to fulfill our obligations.
7 Confidentiality and security
7.2 The Operator restricts access to personal data to those employees of its own company, affiliated companies and external service providers who, in the reasonable opinion of the Operator, need to see such data in order to deliver products or services or to perform their duties.
7.3 The Operator has physical, electronic and procedural security devices that comply with the regulations on the protection of personal data. However, no one hundred percent security can be guaranteed for data transmissions on the Internet. For this reason, the Operator cannot assure or guarantee the security of data that the Data Subject transmits to the Operator. In particular, access to and use of the Service is exclusively at the User's own risk. It is also the User's responsibility to restrict access to the terminal device and to ensure that it is free of malware of any kind, etc., that may track data entered into the Service, such as e-mail addresses and payment data.
7.4 The Operator is expressly not liable for any loss or damage resulting from the data subject's failure to comply with this section.
8. contacting the operator
8.1 If you have any questions or concerns regarding the processing of your personal data, please contact us:
e/motion management gmbh